From aac6c1d03ae5a8be76d6440f3c9ca689ba6ae904 Mon Sep 17 00:00:00 2001 From: kroosec Date: Fri, 13 Jul 2012 15:02:09 +0000 Subject: [PATCH] Added OSPF support to broadcast-listener. --- CHANGELOG | 3 ++ nselib/data/packetdecoders.lua | 63 +++++++++++++++++++++++++++++++++- 2 files changed, 65 insertions(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index 568d5a827..f00bbc719 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,4 +1,7 @@ # Nmap Changelog ($Id$); -*-text-*- +o [NSE] Added support for decoding OSPF Hello packets to broadcast-listener. + [Hani Benhabiles] + o [NSE] Added ospf library which handles OSPFv2 packets. [Patrik Karlsson] diff --git a/nselib/data/packetdecoders.lua b/nselib/data/packetdecoders.lua index 8372cd741..486f6ec88 100644 --- a/nselib/data/packetdecoders.lua +++ b/nselib/data/packetdecoders.lua @@ -34,6 +34,7 @@ local target = require "target" -- x ARP requests (IPv4) -- x CDP - Cisco Discovery Protocol -- x EIGRP - Cisco Enhanced Interior Gateway Routing Protocol +-- x OSPF - Open Shortest Path First -- -- o UDP -- x DHCP @@ -51,7 +52,8 @@ local target = require "target" -- Version 0.2 -- Created 07/25/2011 - v0.1 - created by Patrik Karlsson --- 02/12/2012 - v.02 - added support for EIGRP - Tom Sellers +-- 02/12/2012 - v0.2 - added support for EIGRP - Tom Sellers +-- 07/13/2012 - v0.3 - added support for OSPF - Hani Benhabiles local bin = require 'bin' local target = require 'target' @@ -332,6 +334,65 @@ Decoders = { getResults = function(self) return { name = "EIGRP Hello", (self.results and tab.dump(self.results) or "") } end, }, + -- OSPF + ['0201'] = { -- OSPFv2 Hello packet + + new = function(self) + local o = { dups = {} } + setmetatable(o, self) + self.__index = self + return o + end, + + process = function(self, layer3) + local p = packet.Packet:new( layer3, #layer3 ) + -- IP Protocol is 89 for OSPF + if p.ip_p ~= 89 then return end + + local ospf = require("ospf") + + local data = layer3:sub(p.ip_data_offset + 1) + local header = ospf.OSPF.Header.parse(data) + if header then + if not(self.results) then + self.results = tab.new(5) + tab.addrow(self.results, 'Source IP', 'Router ID', 'Area ID', 'Auth Type', 'Password') + end + local srcip = p.ip_src + local areaid = header.area_id + local routerid = header.router_id + local authtype = header.auth_type + local authdata + -- Format authentication type and data + if header.auth_type == 0 then + authtype = "None" + authdata = '' + elseif header.auth_type == 1 then + authtype = "Password" + authdata = header.auth_data.password + elseif header.auth_type == 2 then + authtype = "OSPF MD5" + authdata = "" -- Not really helpful, as the MD5 + -- is applied to the whole packet+password + else + -- Error + stdnse.print_debug("Unknown OSPF auth type %d", header.auth_type) + return + end + + if ( not(self.dups[("%s:%s"):format(routerid,areaid)]) ) then + if ( target.ALLOW_NEW_TARGETS ) then target.add(routerid) end + self.dups[("%s:%s"):format(routerid,areaid)] = true + tab.addrow( self.results, srcip, routerid, areaid, authtype, authdata) + end + else + return nil + end + + end, + + getResults = function(self) return { name = "OSPF Hello", (self.results and tab.dump(self.results) or "") } end, + }, }, udp = {